|
Wähle bitte eine neue Analyse der Datei. |
ok, anbei das ergebniss Code: Antivirus Version letzte aktualisierung Ergebnis |
anbei der RootRepeal Report |
anbei der aktuelle Report Code: Avira AntiRootkit Tool (1.1.0.1) |
nun noch der Bericht von SysProt. Wie sehen die nächsten Schritte aus ? Gruß Andi |
schritt 1
schritt 2 Schliesse bitte alle laufenden Programme inkl Browser. Lösche bitte die Extra.txt von Deinem Desktop. Doppelklick auf die OTL.exe und poste beide Logfiles. Berichte wie der Rechner läuft |
anbei die Datei. Was bedeutet IE- User, was muss ich da genau ausführen ? |
anbei die Extras.txt |
[CODE] OTL logfile created on: 06.11.2009 18:02:50 - Run 4 OTL by OldTimer - Version 3.1.3.3 Folder = C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,97 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 54,83% Memory free 3,81 Gb Paging File | 3,08 Gb Available in Paging File | 80,86% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 142,44 Gb Total Space | 15,53 Gb Free Space | 10,90% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 465,76 Gb Total Space | 271,38 Gb Free Space | 58,27% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LENOVO-5745C956 Current User Name: Andreas Schäfer Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\DNA\btdna.exe (BitTorrent, Inc.) PRC - C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\RIB\License\RIB.License.Server.exe (RIB Software AG) PRC - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe () PRC - C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Programme\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC) PRC - C:\Programme\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC) PRC - C:\Programme\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) PRC - C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) PRC - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.) PRC - C:\Programme\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.) PRC - C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) PRC - C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.) PRC - C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) PRC - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) PRC - C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe (IBM) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Programme\Cisco Systems\HBC-VPN-Client\vpngui.exe (Cisco Systems, Inc.) PRC - C:\Programme\Cisco Systems\HBC-VPN-Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo) PRC - C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited) PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe () PRC - C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe () PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\nview.dll () MOD - C:\WINDOWS\system32\nvwrsde.dll (NVIDIA Corporation) MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation) MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.) MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.) ========== Win32 Services (SafeList) ========== SRV - (Sukoku Service) -- File not found SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (RIB.License.Server) -- C:\Programme\RIB\License\RIB.License.Server.exe (RIB Software AG) SRV - (Power Manager DBC Service) -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe () SRV - (FreeAgentGoNext Service) -- C:\Programme\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC) SRV - (Autodesk Licensing Service) -- C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (CodeMeter.exe) -- C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation) SRV - (hpqcxs08) -- C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.) SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) SRV - (hpqddsvc) -- C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.) SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.) SRV - (HPSLPSVC) -- C:\Programme\HP\Digital Imaging\bin\HPSLPSVC32.DLL (Hewlett-Packard Co.) SRV - (TSSCoreService) -- C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe (IBM) SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (CVPND) -- C:\Programme\Cisco Systems\HBC-VPN-Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo) SRV - (EvtEng) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (S24EventMonitor) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (RegSrvc) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (TVT Backup Protection Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe () SRV - (TVT Backup Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) SRV - (tvtnetwk) -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe () SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard) SRV - (Net Driver HPZ12) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS () DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (tvtfilter) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (pmem) -- C:\WINDOWS\system32\drivers\pmemnt.sys (Microsoft Corporation) DRV - (AegisP) -- C:\WINDOWS\system32\drivers\AegisP.sys (Cisco Systems, Inc.) DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (usbser) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS () DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.) DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (LenovoRd) -- C:\WINDOWS\system32\drivers\LenovoRd.sys (Lenovo) DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.) DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV - (e1express) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation) DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation) DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys () DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (AEAudio) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation) DRV - (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.) DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP) DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP) DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (IBM Corporation) DRV - (mdmxsdk) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant) DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.) DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC) DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (fxusbase) -- C:\WINDOWS\system32\drivers\fxusbase.sys (AVM Berlin) DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (G400) -- C:\WINDOWS\system32\drivers\G400m.sys (Matrox Graphics Inc.) DRV - (E100B) -- C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (ac97intc) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation) DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM Berlin) DRV - (SSIPDDP) -- C:\WINDOWS\system32\drivers\SSIPDDP.SYS () |
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "http://www.google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.2 FF - prefs.js..extensions.enabledItems: {7AB6D133-2A14-4C11-B3AD-35B1548D38F9}:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff [2009.04.28 12:46:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.07 10:59:58 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Programme\Mozilla Firefox\components [2009.11.04 10:17:00 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2009.11.04 10:16:38 | 00,000,000 | ---D | M] [2009.10.07 12:47:48 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Mozilla\Extensions [2009.10.07 12:47:48 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009.11.06 16:11:21 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Mozilla\Firefox\Profiles\1jov09i7.default\extensions [2009.10.07 12:53:05 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Mozilla\Firefox\Profiles\1jov09i7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.11.06 16:11:21 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.10.28 11:57:19 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\{7AB6D133-2A14-4C11-B3AD-35B1548D38F9} [2008.12.24 13:32:21 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.10.30 16:42:53 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009.04.28 12:47:02 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.10.15 15:30:16 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\search@searchsettings.com [2009.10.30 16:42:43 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browserdirprovider.dll [2009.10.30 16:42:44 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\brwsrcmp.dll [2009.04.28 12:46:49 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeploytk.dll [2008.11.21 22:45:04 | 01,332,224 | ---- | M] (DivX,Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdivx32.dll [2008.11.21 22:45:26 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll [2009.10.30 16:42:48 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Programme\Mozilla Firefox\plugins\npnul32.dll [2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\NPOFF12.DLL [2009.02.27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Mozilla Firefox\plugins\nppdf32.dll [2009.08.24 20:25:19 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.08.24 20:25:19 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2009.08.24 20:25:19 | 00,002,371 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google.xml [2009.08.24 20:25:19 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.10.21 23:00:49 | 00,002,381 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\sukoku123.xml [2009.08.24 20:25:19 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.08.24 20:25:19 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml [2009.10.15 15:30:17 | 00,000,878 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: (716 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [cssauth] C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited) O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) O4 - HKLM..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpqSRMon] C:\Programme\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LPManager] C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MaxMenuMgr] C:\Programme\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [RelevantKnowledge] C:\programme\relevantknowledge\rlvknlg.exe File not found O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKCU..\Run: [Skype] C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoCAD-Startbeschleuniger.lnk = C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CodeMeter Control Center.lnk = C:\Programme\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hochschule Biberach VPN Client.lnk = C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Programme/Chessmaster%20Challenge/Images/stg_drm.ocx (SpinTop DRM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Programme/Chessmaster%20Challenge/Images/armhelper.ocx (ArmHelper Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll () O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll () O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.01.27 03:18:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.05.25 11:50:12 | 00,000,062 | ---- | M] () - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{49f478ef-e496-11dd-9f71-00215c56e355}\Shell - "" = AutoRun O33 - MountPoints2\{49f478ef-e496-11dd-9f71-00215c56e355}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{49f478ef-e496-11dd-9f71-00215c56e355}\Shell\AutoRun\command - "" = E:\OnSpcLCK.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found |
========== Files/Folders - Created Within 30 Days ========== [2009.11.06 18:01:29 | 00,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Recent [2009.11.06 14:36:36 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\SysProt [2009.11.06 13:51:40 | 00,188,673 | ---- | C] (Avira GmbH) -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\avirarkd.exe [2009.11.06 13:49:32 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2009.11.06 13:49:32 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2009.11.06 13:49:32 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2009.11.06 13:49:32 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2009.11.06 13:49:30 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2009.11.06 13:04:37 | 00,472,064 | ---- | C] ( ) -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\RootRepeal.exe [2009.11.04 10:23:01 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Malwarebytes [2009.11.04 10:22:57 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009.11.04 10:22:56 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009.11.04 10:22:56 | 00,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2009.11.04 10:22:56 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2009.11.03 15:57:02 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009.11.03 12:27:40 | 00,527,872 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\OTL.exe [2009.11.02 23:06:39 | 00,000,000 | ---D | C] -- C:\!KillBox [2009.10.23 11:28:31 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\vlc [2009.10.15 22:24:34 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\Search Settings [2009.10.15 15:30:16 | 00,000,000 | ---D | C] -- C:\Programme\Search Settings [2009.10.15 15:26:54 | 00,315,392 | ---- | C] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe [2009.10.15 15:26:53 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL [2009.10.15 15:26:53 | 00,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL [2009.10.15 15:26:53 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL [2009.10.15 15:26:53 | 00,084,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PICCLP32.OCX [2009.10.15 15:26:53 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PCCLPFR.DLL [2009.10.15 15:26:52 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL [2009.10.15 15:26:52 | 00,000,000 | ---D | C] -- C:\Programme\Free FLV Converter [2009.10.15 15:26:52 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\FreeFLVConverter [2009.10.15 10:45:30 | 00,000,000 | ---D | C] -- C:\Programme\VideoLAN [2009.10.15 09:15:53 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2009.10.15 09:15:53 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2009.10.09 09:44:59 | 00,018,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009.10.09 09:44:54 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll [2008.11.16 14:27:19 | 00,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll [2008.11.16 14:27:19 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll [12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009.11.06 14:48:02 | 00,002,435 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\Hochschule Biberach VPN Client.lnk [2009.11.06 14:46:19 | 07,340,032 | -H-- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\NTUSER.DAT [2009.11.06 14:36:06 | 00,354,396 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\SysProt.zip [2009.11.06 14:19:11 | 00,002,449 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hochschule Biberach VPN Client.lnk [2009.11.06 14:19:06 | 00,000,320 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2009.11.06 14:18:46 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009.11.06 14:17:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009.11.06 14:17:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009.11.06 14:16:57 | 21,121,39264 | -HS- | M] () -- C:\hiberfil.sys [2009.11.06 14:15:23 | 00,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\ntuser.ini [2009.11.06 13:49:41 | 00,001,690 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk [2009.11.06 13:31:07 | 00,065,893 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\antivir_rootkit.zip [2009.11.06 13:03:51 | 00,465,298 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\RootRepeal.rar [2009.11.05 13:40:07 | 00,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\Microsoft Office Word 2007.lnk [2009.11.04 13:45:41 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009.11.04 13:41:38 | 00,088,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.04 10:22:59 | 00,000,695 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009.11.03 16:09:43 | 00,454,279 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\GMER 1.doc [2009.11.03 13:22:16 | 00,291,328 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\df8efhso.exe [2009.11.03 12:27:41 | 00,527,872 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\OTL.exe [2009.11.02 23:14:49 | 00,000,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\.recently-used.xbel [2009.11.02 16:15:06 | 00,000,716 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009.10.26 12:39:59 | 01,114,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009.10.26 12:39:59 | 00,487,730 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2009.10.26 12:39:59 | 00,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009.10.26 12:39:59 | 00,095,538 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2009.10.26 12:39:59 | 00,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009.10.23 11:33:10 | 00,000,783 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\Free FLV Converter.lnk [2009.10.23 11:22:12 | 00,315,392 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe [2009.10.23 11:13:32 | 00,000,710 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2009.10.21 05:06:57 | 03,598,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll [2009.10.21 05:06:57 | 03,598,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2009.10.09 10:03:34 | 00,000,781 | ---- | M] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\Windows Media Player.lnk [2009.10.09 09:58:19 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2009.10.09 09:58:19 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2009.10.09 09:44:54 | 00,000,837 | ---- | M] () -- C:\WINDOWS\win.ini [12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2009.11.06 14:36:06 | 00,354,396 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\SysProt.zip [2009.11.06 13:49:41 | 00,001,690 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk [2009.11.06 13:31:07 | 00,065,893 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\antivir_rootkit.zip [2009.11.06 13:03:51 | 00,465,298 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\RootRepeal.rar [2009.11.04 10:22:59 | 00,000,695 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009.11.03 15:12:51 | 00,454,279 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\GMER 1.doc [2009.11.03 13:22:15 | 00,291,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\df8efhso.exe [2009.11.02 23:14:49 | 00,000,904 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\.recently-used.xbel [2009.10.23 11:13:32 | 00,000,710 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2009.10.15 15:26:55 | 00,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Desktop\Free FLV Converter.lnk [2009.10.15 15:26:53 | 00,364,544 | ---- | C] () -- C:\WINDOWS\System32\PropertyGrid.ocx [2009.10.15 15:26:53 | 00,208,500 | ---- | C] () -- C:\WINDOWS\System32\ReyXpBasics.tlb [2009.10.15 15:26:52 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\ControlSubX.ocx [2009.06.05 18:35:55 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS [2009.04.17 10:28:14 | 00,000,067 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2009.04.06 21:12:42 | 00,001,292 | ---- | C] () -- C:\WINDOWS\_ISENV31.INI [2009.03.06 15:31:48 | 00,010,122 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2008.12.31 18:42:12 | 00,000,035 | ---- | C] () -- C:\WINDOWS\render.ini [2008.11.26 16:16:43 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.11.26 16:16:40 | 00,088,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.21 22:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008.11.21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest [2008.11.21 22:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest [2008.11.21 22:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2008.11.18 22:09:04 | 00,055,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSIPDDP.SYS [2008.11.18 21:47:58 | 00,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini [2008.11.18 21:47:52 | 00,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll [2008.11.18 21:47:52 | 00,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll [2008.11.18 21:47:52 | 00,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll [2008.11.16 16:04:13 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2008.11.16 14:57:45 | 00,109,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2008.11.16 14:52:02 | 03,667,688 | -H-- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2008.11.16 14:52:02 | 00,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2008.11.16 14:52:02 | 00,000,062 | -HS- | C] () -- C:\Dokumente und Einstellungen\Andreas Schäfer\Anwendungsdaten\desktop.ini [2008.11.16 14:47:11 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2008.11.16 14:41:58 | 00,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys [2008.11.16 14:39:04 | 00,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008.11.16 14:37:39 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2008.11.16 14:37:39 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2008.11.16 14:37:39 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2008.11.16 14:37:39 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2008.11.16 14:37:39 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2008.11.16 14:37:39 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2008.11.16 14:32:14 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008.11.16 14:32:14 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008.11.16 14:32:13 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008.11.16 14:32:13 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008.11.16 14:28:56 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2008.11.16 14:27:19 | 09,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys [2008.11.16 14:27:19 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini [2008.11.16 14:26:20 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2008.05.26 22:23:36 | 00,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008.05.26 22:23:34 | 00,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008.05.26 22:23:32 | 00,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007.07.16 11:58:10 | 00,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll [2007.07.16 11:58:00 | 00,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2007.02.27 17:48:38 | 02,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2007.02.27 17:29:32 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2006.06.29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006.06.29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006.04.18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006.04.18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006.01.27 18:18:01 | 00,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2006.01.27 18:05:14 | 00,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006.01.27 02:01:34 | 00,000,837 | ---- | C] () -- C:\WINDOWS\win.ini [2006.01.27 02:01:31 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2006.01.26 18:09:23 | 00,000,062 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini [2005.02.17 11:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005.02.17 11:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2001.11.14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D158BAF9 @Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:93E9C78D < End of report > [/CODE] |
Zitat:
Wo ist die ESET Logfile Schon vergessen das die Reihenfolge Gründe hat ? ;) |
Hi, es müsste die fünft letzte Antwort sein, die Datei heiß Log.txt, ich hab sie angehängt gruß Andi |
Hi hast du die Datei gefunden ? Muss ich noch weitere Schritte vornehmen oder was meinst du? Der Rechner läuft ganz OK, die Webseiten seind weg. Ich glaub mein Rechner ist ein wenig überfüllt mit Programmen, weil er ist erst ein Jahr und es ist ein Lenovo Thin Pad aber er braucht relativ lang zum hochfahren. Oder woran liegt das ? Meinst dzu auch das ich ihn zu vollgeladen habe ? Danke nochmals Gruß Andi |
Einmal anhängen, einmal posten nervt irrsinnig :rolleyes: Starte OTL.exe Klicke rechts oben auf den CleanUp Button. Poste eine neue HJT Logfile |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 08:31 Uhr. |
Copyright ©2000-2025, Trojaner-Board